About “Bulz.624281” infection

The Bulz.624281 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.624281 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Bulz.624281?


File Info:
name: 8902A551ED5489BE33E4.mlw
path: /opt/CAPEv2/storage/binaries/5fcc239c4656ecb1951cfd7db10ab93c3abbea1eba6e61108a96133066e563d0
crc32: 86B466C8
md5: 8902a551ed5489be33e45ca33fa239e6
sha1: 9d775ef5f528c9b6a2678bfbc611ef80bfbf0084
sha256: 5fcc239c4656ecb1951cfd7db10ab93c3abbea1eba6e61108a96133066e563d0
sha512: 8cb4a1f3d0c8171f2e126f05c942eaa7d1badd4fabb43f51a5ab7be0dfe32b30526ae89e7a8da7770b0067272791c90f6f333291f2c553721cb5f5714465fe57
ssdeep: 48:6iE53A66eO4rQtKv3znKedm9lFlBF0bjZJaY2P1ulma3Sq:Q5w6lQtKv3zKBlFlkP2gIK
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T1A2814316ABA4073AE8BB4331FBF34757AB70B8105FA3FB1B454046155C926A45F72BA0
sha3_384: 5b938cd9d2084b1a6312d2ca426f25747f83b62f1615224089f2cc388fab8a0178407e9988d49d9688cfdd16051a3fc1
ep_bytes: ff250020001000000000000000000000
timestamp: 2022-02-17 17:09:09

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: jp5kjprf.dll
LegalCopyright:  
OriginalFilename: jp5kjprf.dll
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Bulz.624281 also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.MSIL.Zapchast.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.624281
Skyhigh	GenericRXQA-QX!8902A551ED54
McAfee	GenericRXQA-QX!8902A551ED54
Cylance	unsafe
CrowdStrike	win/malicious_confidence_90% (D)
Alibaba	Trojan:MSIL/Zapchast.b0c2c0ac
Arcabit	Trojan.Bulz.D98699
Symantec	Trojan.Gen.MBT
Cynet	Malicious (score: 100)
APEX	Malicious
Kaspersky	Trojan.MSIL.Zapchast.sbbg
BitDefender	Gen:Variant.Bulz.624281
NANO-Antivirus	Trojan.Win32.Zapchast.jmznlz
Avast	Win32:TrojanX-gen [Trj]
Tencent	Trojan.Msil.Zapchast.fa
Emsisoft	Gen:Variant.Bulz.624281 (B)
VIPRE	Gen:Variant.Bulz.624281
Sophos	Mal/Generic-S
Jiangmin	Trojan.MSIL.amhgd
Varist	W32/MSIL_Zapchast.B.gen!Eldorado
Antiy-AVL	Trojan/MSIL.Zapchast
Microsoft	Trojan:Win32/Wacatac.B!ml
ZoneAlarm	Trojan.MSIL.Zapchast.sbbg
GData	Gen:Variant.Bulz.624281
Google	Detected
TACHYON	Trojan/W32.DN-Zapchast.4096
Malwarebytes	Trojan.Small
Panda	Trj/GdSda.A
Yandex	Trojan.Zapchast!A7+L3pAEtKY
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	MSIL/Bulz.6242!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Bulz.624281?

Bulz.624281 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X